Last.fm password leak causes havoc
In yet another password balls-up, millions could be affected after it was reported that Last.fm have suffered a password security breach. The company have confirmed that they'll be investigating a breach and strongly advised that all users change their passwords.
"We are currently investigating the leak of some Last.fm user passwords," said the company. "This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we're asking all our users to change their passwords immediately."
As many as 17.3 million unique MD5 hashes (which can be cracked open like eggs to reveal people's yolky passwords) appeared on a hacking forum and, according to security bods, KoreLogic, could easily be used to reveal Last.fm users' passwords.
"The list has been 'out there' for a long time," one of the KoreLogic team said in a Reddit comment on Thursday. "I talked about it privately at 2011 DEFCON. It was originally posted by 'bad guys' on password cracking websites last year. I grabbed it, but it was promptly deleted."
This Last.fm leak comes on the back of hacks concerning LinkedIn and dating site eHarmony.